Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Joe Martin
OpenLDAP
Commits
60f78865
Commit
60f78865
authored
Aug 25, 2009
by
Quanah Gibson-Mount
Browse files
ITS#5178,ITS#6152 proxycache enhancements
parent
a143720b
Changes
8
Expand all
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
60f78865
...
...
@@ -23,7 +23,7 @@ OpenLDAP 2.4.18 Engineering
Fixed slapd-relay response/cleanup callback mismatch (ITS#6154)
Fixed slapd-sql with baseObject query (ITS#6172)
Fixed slapd-sql with empty attribute (ITS#6163)
Fixed slapo-pcache multiple enhancements (ITS#6152)
Fixed slapo-pcache multiple enhancements (ITS#6152
,ITS#5178
)
Fixed slapo-translucent attribute return (ITS#6254)
Fixed slapo-translucent filter matching (ITS#6255)
Fixed slapo-translucent to honor sizelimit (ITS#6253)
...
...
doc/man/man5/slapo-pcache.5
View file @
60f78865
...
...
@@ -4,7 +4,7 @@
.\" Copyright 2001, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
.\" $OpenLDAP$
.SH NAME
slapo\-pcache \- proxycache overlay to slapd
slapo\-pcache \- proxy
cache overlay to slapd
.SH SYNOPSIS
ETCDIR/slapd.conf
.SH DESCRIPTION
...
...
@@ -15,7 +15,7 @@ overlay to
allows caching of LDAP search requests (queries) in a local database.
For an incoming query, the
proxy cache determines its corresponding \fBtemplate\fP. If the template
was specified as cacheable using the \fBp
roxyt
emplate\fP directive
was specified as cacheable using the \fBp
cacheT
emplate\fP directive
and the request is contained in a cached request, it is answered from
the proxy cache.
Otherwise, the search is performed as usual and cacheable search results
...
...
@@ -32,9 +32,9 @@ Examples of template strings are \fB(mail=)\fP, \fB(|(sn=)(cn=))\fP,
.LP
The config directives that are specific to the
.B p
roxy
cache
.B pcache
overlay can be prefixed by
.BR p
roxy
cache\- ,
.BR pcache\- ,
to avoid conflicts with directives specific to the underlying database
or to other stacked overlays. This may be particularly useful for those
directives that refer to the backend used for local storage.
...
...
@@ -51,28 +51,28 @@ and
.BR sql
backends.
.TP
.B p
roxy
cache <database> <max_entries> <numattrsets> <entry_limit> <cc_period>
.B pcache <database> <max_entries> <numattrsets> <entry_limit> <cc_period>
The directive enables proxy caching in the current backend and sets general
cache parameters. A <database> backend will be used internally to maintain
the cached entries. The chosen database will need to be configured as well,
as shown below. Cache replacement is invoked when the cache size grows to
<max_entries> entries and continues till the cache size drops below this size.
<numattrsets> should be equal to the number of following \fBp
roxya
ttrset\fP
<numattrsets> should be equal to the number of following \fBp
cacheA
ttrset\fP
directives. Queries are cached only if they correspond to a cacheable template
(specified by the \fBp
roxyt
emplate\fP directive) and the number of entries
(specified by the \fBp
cacheT
emplate\fP directive) and the number of entries
returned is less than <entry_limit>. Consistency check is performed every
<cc_period> duration (specified in secs). In each cycle queries with expired
"time to live(\fBTTL\fP)" are removed. A sample cache configuration is:
.LP
.RS
p
roxy
cache \fBbdb 10000 1 50 100\fP
pcache \fBbdb 10000 1 50 100\fP
.RE
.TP
.B p
roxya
ttrset <index> <attrs...>
.B p
cacheA
ttrset <index> <attrs...>
Used to associate a set of attributes <attrs..> with an <index>. Each attribute
set is associated with an integer from 0 to <numattrsets>\-1. These indices are
used by the \fBp
roxyt
emplate\fP directive to define cacheable templates.
used by the \fBp
cacheT
emplate\fP directive to define cacheable templates.
A set of attributes cannot be empty. A set of attributes can contain the
special attributes "*" (all user attributes), "+" (all operational attributes)
or both; in the latter case, any other attribute is redundant and should
...
...
@@ -80,11 +80,11 @@ be avoided for clarity. A set of attributes can contain "1.1" as the only
attribute; in this case, only the presence of the entries is cached.
.TP
.B p
roxy
cache
q
ueries <queries>
.B pcache
MaxQ
ueries <queries>
Specify the maximum number of queries to cache. The default is 10000.
.TP
.B p
roxycheckcacheability
{ TRUE | FALSE }
.B p
cacheValidate
{ TRUE | FALSE }
Check whether the results of a query being cached can actually be returned
from the cache by the proxy DSA. When enabled, the entries being returned
while caching the results of a query are checked to ensure consistency
...
...
@@ -92,25 +92,33 @@ with the schema known to the proxy DSA. In case of failure, the query
is not cached. By default, the check is off.
.TP
.B proxysavequeries { TRUE | FALSE }
.B pcacheOffline { TRUE | FALSE }
Set the cache to offline mode. While offline, the consistency checker
will be stopped and no expirations will occur. This allows the cache
contents to be used indefinitely while the proxy is cut off from network
access to the remote DSA. The default is FALSE, i.e. consistency
checks and expirations will be performed.
.TP
.B pcachePersist { TRUE | FALSE }
Specify whether the cached queries should be saved across restarts
of the caching proxy, to provide hot startup of the cache. Only non-expired
queries are reloaded. The default is FALSE.
.BR CAVEAT :
of course, the configuration of the proxycache must not change
of course, the configuration of the proxy
cache must not change
across restarts; the pcache overlay does not perform any consistency
checks in this sense.
In detail, this option should be disabled unless the existing
.B p
roxya
ttrset
.B p
cacheA
ttrset
and
.B p
roxyt
emplate
.B p
cacheT
emplate
directives are not changed neither in order nor in contents.
If new sets and templates are added, or if other details of the pcache
overlay configuration changed, this feature should not be affected.
.TP
.B p
roxyt
emplate <template_string> <attrset_index> <ttl> [<negttl> [<limitttl>]]
.B p
cacheT
emplate <template_string> <attrset_index> <ttl> [<negttl> [<limitttl>
[<ttr>]
]]
Specifies a cacheable template and "time to live" <ttl> of queries
belonging to the template. An optional <negttl> can be used to specify
that negative results (i.e., queries that returned zero entries)
...
...
@@ -119,9 +127,37 @@ results are not cached by default (<negttl> set to 0).
An optional <limitttl> can be used to specify that results
hitting a sizelimit should also be cached for the specified amount of time.
Results hitting a sizelimit are not cached by default (<limitttl> set to 0).
An optional <ttr> "time to refresh" can be used to specify that cached
entries should be automatically refreshed after a certain time. Entries
will only be refreshed while they have not expired, so the <ttl> should
be larger than the <ttr> for this option to be useful. Entries are not
refreshed by default (<ttr> set to 0).
.TP
.B pcacheBind <filter_template> <attrset_index> <ttr> <scope> <base>
Specifies a template for caching Simple Bind credentials based on an
already defined \fBpcacheTemplate\fP. The <filter_template> is similar
to a <template_string> except that it may have some values present. Its
purpose is to allow the overlay to generate filters similar to what other
applications do when they do a Search immediately before a Bind. E.g.,
if a client like nss_ldap is configured to search for a user with the
filter "(&(objectClass=posixAccount)(uid=<username>))" then the corresponding
template "(&(objectClass=posixAccount)(uid=))" should be used here. When
converted to a regular template e.g. "(&(objectClass=)(uid=))" this
template and the <attrset_index> must match an already defined
\fBpcacheTemplate\fP clause. The "time to refresh" <ttr> determines the
time interval after which the cached credentials may be refreshed. The
first Bind request that occurs after that time will trigger the refresh
attempt. Refreshes are not performed when the overlay is Offline. There
is no "time to live" parameter for the Bind credentials; the credentials
will expire according to the \fBpcacheTemplate\fP ttl. The <scope> and
<base> should match the search scope and base used by the authentication
clients. The cached credentials are not stored in cleartext, they are
hashed using the default password hash.
By default Bind caching is not enabled.
.TP
.B
response\-callback
{ head | tail }
.B
pcachePosition
{ head | tail }
Specifies whether the response callback should be placed at the
.B tail
(the default) or at the
...
...
@@ -146,10 +182,10 @@ must be less than or equal to
.B <numattrsets>
attribute sets SHOULD be defined by using the directive
.BR p
roxya
ttrset ;
.BR p
cacheA
ttrset ;
all attribute sets SHOULD be referenced by (at least) one
.B p
roxyt
emplate
.B p
cacheT
emplate
directive;
.LP
...
...
@@ -158,8 +194,8 @@ and attributes mail, postaladdress, telephonenumber and a TTL of 1 hour.
.LP
.RS
.nf
p
roxya
ttrset \fB0 mail postaladdress telephonenumber\fP
p
roxyt
emplate \fB(&(sn=)(givenName=)) 0 3600\fP
p
cacheA
ttrset \fB0 mail postaladdress telephonenumber\fP
p
cacheT
emplate \fB(&(sn=)(givenName=)) 0 3600\fP
.fi
.RE
...
...
@@ -176,14 +212,48 @@ cachesize 100
.LP
Any valid directives for the chosen database type may be used. Indexing
should be used as appropriate for the queries being handled. In addition,
an equality index on the \fB
q
ueryid\fP attribute should be configured, to
an equality index on the \fB
pcacheQ
ueryid\fP attribute should be configured, to
assist in the removal of expired query data.
.SH BACKWARD COMPATIBILITY
The configuration keywords have been renamed and the older form is
deprecated. These older keywords are still recognized but may disappear
in future releases.
.TP
.B proxycache
use pcache
.TP
.B proxyattrset
use pcacheAttrset
.TP
.B proxycachequeries
use pcacheMaxQueries
.TP
.B proxycheckcacheability
use pcacheValidate
.TP
.B proxysavequeries
use pcachePersist
.TP
.B proxytemplate
use pcacheTemplate
.TP
.B response-callback
use pcachePosition
.SH CAVEATS
Caching data is prone to inconsistencies because updates on the remote server
will not be reflected in the response of the cache at least (and at most)
for the duration of the
.B p
roxyt
emplate
.B p
cacheT
emplate
.BR TTL .
These inconsistencies can be minimized by careful use of the TTR.
The remote server should expose the
.B objectClass
...
...
servers/slapd/overlays/pcache.c
View file @
60f78865
This diff is collapsed.
Click to expand it.
servers/slapd/proto-slap.h
View file @
60f78865
...
...
@@ -1774,6 +1774,9 @@ LDAP_SLAPD_F (Filter *) str2filter_x LDAP_P(( Operation *op, const char *str ));
LDAP_SLAPD_F
(
int
)
syncrepl_add_glue
LDAP_P
((
Operation
*
,
Entry
*
));
LDAP_SLAPD_F
(
void
)
syncrepl_diff_entry
LDAP_P
((
Operation
*
op
,
Attribute
*
old
,
Attribute
*
new
,
Modifications
**
mods
,
Modifications
**
ml
,
int
is_ctx
));
LDAP_SLAPD_F
(
void
)
syncinfo_free
LDAP_P
((
struct
syncinfo_s
*
,
int
all
));
/* syntax.c */
...
...
servers/slapd/syncrepl.c
View file @
60f78865
...
...
@@ -3088,6 +3088,10 @@ syncrepl_updateCookie(
return
rc
;
}
/* Compare the attribute from the old entry to the one in the new
* entry. The Modifications from the new entry will either be left
* in place, or changed to an Add or Delete as needed.
*/
static
void
attr_cmp
(
Operation
*
op
,
Attribute
*
old
,
Attribute
*
new
,
Modifications
***
mret
,
Modifications
***
mcur
)
...
...
@@ -3231,6 +3235,86 @@ attr_cmp( Operation *op, Attribute *old, Attribute *new,
*
mret
=
modtail
;
}
/* Generate a set of modifications to change the old entry into the
* new one. On input ml is a list of modifications equivalent to
* the new entry. It will be massaged and the result will be stored
* in mods.
*/
void
syncrepl_diff_entry
(
Operation
*
op
,
Attribute
*
old
,
Attribute
*
new
,
Modifications
**
mods
,
Modifications
**
ml
,
int
is_ctx
)
{
Modifications
**
modtail
=
mods
;
/* We assume that attributes are saved in the same order
* in the remote and local databases. So if we walk through
* the attributeDescriptions one by one they should match in
* lock step. If not, look for an add or delete.
*/
while
(
old
&&
new
)
{
/* If we've seen this before, use its mod now */
if
(
new
->
a_flags
&
SLAP_ATTR_IXADD
)
{
attr_cmp
(
op
,
NULL
,
new
,
&
modtail
,
&
ml
);
new
=
new
->
a_next
;
continue
;
}
/* Skip contextCSN */
if
(
is_ctx
&&
old
->
a_desc
==
slap_schema
.
si_ad_contextCSN
)
{
old
=
old
->
a_next
;
continue
;
}
if
(
old
->
a_desc
!=
new
->
a_desc
)
{
Modifications
*
mod
;
Attribute
*
tmp
;
/* If it's just been re-added later,
* remember that we've seen it.
*/
tmp
=
attr_find
(
new
,
old
->
a_desc
);
if
(
tmp
)
{
tmp
->
a_flags
|=
SLAP_ATTR_IXADD
;
}
else
{
/* If it's a new attribute, pull it in.
*/
tmp
=
attr_find
(
old
,
new
->
a_desc
);
if
(
!
tmp
)
{
attr_cmp
(
op
,
NULL
,
new
,
&
modtail
,
&
ml
);
new
=
new
->
a_next
;
continue
;
}
/* Delete old attr */
mod
=
ch_malloc
(
sizeof
(
Modifications
)
);
mod
->
sml_op
=
LDAP_MOD_DELETE
;
mod
->
sml_flags
=
0
;
mod
->
sml_desc
=
old
->
a_desc
;
mod
->
sml_type
=
mod
->
sml_desc
->
ad_cname
;
mod
->
sml_numvals
=
0
;
mod
->
sml_values
=
NULL
;
mod
->
sml_nvalues
=
NULL
;
*
modtail
=
mod
;
modtail
=
&
mod
->
sml_next
;
}
old
=
old
->
a_next
;
continue
;
}
/* kludge - always update modifiersName so that it
* stays co-located with the other mod opattrs. But only
* if we know there are other valid mods.
*/
if
(
*
mods
&&
(
old
->
a_desc
==
slap_schema
.
si_ad_modifiersName
||
old
->
a_desc
==
slap_schema
.
si_ad_modifyTimestamp
))
attr_cmp
(
op
,
NULL
,
new
,
&
modtail
,
&
ml
);
else
attr_cmp
(
op
,
old
,
new
,
&
modtail
,
&
ml
);
new
=
new
->
a_next
;
old
=
old
->
a_next
;
}
*
modtail
=
*
ml
;
*
ml
=
NULL
;
}
static
int
dn_callback
(
Operation
*
op
,
...
...
@@ -3351,78 +3435,9 @@ dn_callback(
*/
}
modtail
=
&
dni
->
mods
;
ml
=
dni
->
modlist
;
/* We assume that attributes are saved in the same order
* in the remote and local databases. So if we walk through
* the attributeDescriptions one by one they should match in
* lock step. If not, look for an add or delete.
*/
for
(
old
=
rs
->
sr_entry
->
e_attrs
,
new
=
dni
->
new_entry
->
e_attrs
;
old
&&
new
;
)
{
/* If we've seen this before, use its mod now */
if
(
new
->
a_flags
&
SLAP_ATTR_IXADD
)
{
attr_cmp
(
op
,
NULL
,
new
,
&
modtail
,
&
ml
);
new
=
new
->
a_next
;
continue
;
}
/* Skip contextCSN */
if
(
is_ctx
&&
old
->
a_desc
==
slap_schema
.
si_ad_contextCSN
)
{
old
=
old
->
a_next
;
continue
;
}
if
(
old
->
a_desc
!=
new
->
a_desc
)
{
Modifications
*
mod
;
Attribute
*
tmp
;
/* If it's just been re-added later,
* remember that we've seen it.
*/
tmp
=
attr_find
(
new
,
old
->
a_desc
);
if
(
tmp
)
{
tmp
->
a_flags
|=
SLAP_ATTR_IXADD
;
}
else
{
/* If it's a new attribute, pull it in.
*/
tmp
=
attr_find
(
old
,
new
->
a_desc
);
if
(
!
tmp
)
{
attr_cmp
(
op
,
NULL
,
new
,
&
modtail
,
&
ml
);
new
=
new
->
a_next
;
continue
;
}
/* Delete old attr */
mod
=
ch_malloc
(
sizeof
(
Modifications
)
);
mod
->
sml_op
=
LDAP_MOD_DELETE
;
mod
->
sml_flags
=
0
;
mod
->
sml_desc
=
old
->
a_desc
;
mod
->
sml_type
=
mod
->
sml_desc
->
ad_cname
;
mod
->
sml_numvals
=
0
;
mod
->
sml_values
=
NULL
;
mod
->
sml_nvalues
=
NULL
;
*
modtail
=
mod
;
modtail
=
&
mod
->
sml_next
;
}
old
=
old
->
a_next
;
continue
;
}
/* kludge - always update modifiersName so that it
* stays co-located with the other mod opattrs. But only
* if we know there are other valid mods.
*/
if
(
dni
->
mods
&&
(
old
->
a_desc
==
slap_schema
.
si_ad_modifiersName
||
old
->
a_desc
==
slap_schema
.
si_ad_modifyTimestamp
))
attr_cmp
(
op
,
NULL
,
new
,
&
modtail
,
&
ml
);
else
attr_cmp
(
op
,
old
,
new
,
&
modtail
,
&
ml
);
new
=
new
->
a_next
;
old
=
old
->
a_next
;
}
*
modtail
=
*
ml
;
*
ml
=
NULL
;
syncrepl_diff_entry
(
op
,
rs
->
sr_entry
->
e_attrs
,
dni
->
new_entry
->
e_attrs
,
&
dni
->
mods
,
dni
->
modlist
,
is_ctx
);
}
}
}
else
if
(
rs
->
sr_type
==
REP_RESULT
)
{
...
...
@@ -3793,21 +3808,6 @@ enum {
GOT_REQUIRED
=
(
GOT_RID
|
GOT_PROVIDER
|
GOT_SEARCHBASE
)
};
static
struct
{
struct
berval
key
;
int
val
;
}
scopes
[]
=
{
{
BER_BVC
(
"base"
),
LDAP_SCOPE_BASE
},
{
BER_BVC
(
"one"
),
LDAP_SCOPE_ONELEVEL
},
{
BER_BVC
(
"onelevel"
),
LDAP_SCOPE_ONELEVEL
},
/* OpenLDAP extension */
{
BER_BVC
(
"children"
),
LDAP_SCOPE_SUBORDINATE
},
{
BER_BVC
(
"subord"
),
LDAP_SCOPE_SUBORDINATE
},
{
BER_BVC
(
"subordinate"
),
LDAP_SCOPE_SUBORDINATE
},
{
BER_BVC
(
"sub"
),
LDAP_SCOPE_SUBTREE
},
{
BER_BVC
(
"subtree"
),
LDAP_SCOPE_SUBTREE
},
/* OpenLDAP extension */
{
BER_BVNULL
,
0
}
};
static
slap_verbmasks
datamodes
[]
=
{
{
BER_BVC
(
"default"
),
SYNCDATA_DEFAULT
},
{
BER_BVC
(
"accesslog"
),
SYNCDATA_ACCESSLOG
},
...
...
@@ -4025,19 +4025,15 @@ parse_syncrepl_line(
{
int
j
;
val
=
c
->
argv
[
i
]
+
STRLENOF
(
SCOPESTR
"="
);
for
(
j
=
0
;
!
BER_BVISNULL
(
&
scopes
[
j
].
key
);
j
++
)
{
if
(
!
strcasecmp
(
val
,
scopes
[
j
].
key
.
bv_val
)
)
{
si
->
si_scope
=
scopes
[
j
].
val
;
break
;
}
}
if
(
BER_BVISNULL
(
&
scopes
[
j
].
key
)
)
{
j
=
ldap_pvt_str2scope
(
val
);
if
(
j
<
0
)
{
snprintf
(
c
->
cr_msg
,
sizeof
(
c
->
cr_msg
),
"Error: parse_syncrepl_line: "
"unknown scope
\"
%s
\"
"
,
val
);
Debug
(
LDAP_DEBUG_ANY
,
"%s: %s.
\n
"
,
c
->
log
,
c
->
cr_msg
,
0
);
return
-
1
;
}
si
->
si_scope
=
j
;
si
->
si_got
|=
GOT_SCOPE
;
}
else
if
(
!
strncasecmp
(
c
->
argv
[
i
],
ATTRSONLYSTR
,
STRLENOF
(
ATTRSONLYSTR
)
)
)
...
...
@@ -4441,7 +4437,7 @@ add_syncrepl(
static
void
syncrepl_unparse
(
syncinfo_t
*
si
,
struct
berval
*
bv
)
{
struct
berval
bc
,
uri
;
struct
berval
bc
,
uri
,
bs
;
char
buf
[
BUFSIZ
*
2
],
*
ptr
;
ber_len_t
len
;
int
i
;
...
...
@@ -4495,13 +4491,10 @@ syncrepl_unparse( syncinfo_t *si, struct berval *bv )
ptr
=
lutil_strcopy
(
ptr
,
si
->
si_logbase
.
bv_val
);
*
ptr
++
=
'"'
;
}
for
(
i
=
0
;
!
BER_BVISNULL
(
&
scopes
[
i
].
key
);
i
++
)
{
if
(
si
->
si_scope
==
scopes
[
i
].
val
)
{
if
(
WHATSLEFT
<=
STRLENOF
(
" "
SCOPESTR
"="
)
+
scopes
[
i
].
key
.
bv_len
)
return
;
ptr
=
lutil_strcopy
(
ptr
,
" "
SCOPESTR
"="
);
ptr
=
lutil_strcopy
(
ptr
,
scopes
[
i
].
key
.
bv_val
);
break
;
}
if
(
ldap_pvt_scope2bv
(
si
->
si_scope
,
&
bs
)
==
LDAP_SUCCESS
)
{
if
(
WHATSLEFT
<=
STRLENOF
(
" "
SCOPESTR
"="
)
+
bs
.
bv_len
)
return
;
ptr
=
lutil_strcopy
(
ptr
,
" "
SCOPESTR
"="
);
ptr
=
lutil_strcopy
(
ptr
,
bs
.
bv_val
);
}
if
(
si
->
si_attrsonly
)
{
if
(
WHATSLEFT
<=
STRLENOF
(
" "
ATTRSONLYSTR
"=
\"
"
"
\"
"
)
)
return
;
...
...
tests/data/slapd-proxycache.conf
View file @
60f78865
...
...
@@ -44,13 +44,15 @@ uri "@URI1@"
limits
dn
=
"cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
size
=
1
overlay
pcache
proxycache
@
BACKEND
@
100
2
@
ENTRY_LIMIT
@ @
CACHETTL
@
proxyattrset
0
sn
cn
title
uid
proxyattrset
1
mail
postaladdress
telephonenumber
cn
uid
proxytemplate
(|(
cn
=)(
sn
=))
0
@
CACHETTL
@ @
NCACHETTL
@ @
SCACHETTL
@
proxytemplate
(
sn
=)
0
@
CACHETTL
@ @
NCACHETTL
@ @
SCACHETTL
@
proxytemplate
(
uid
=)
1
@
CACHETTL
@ @
NCACHETTL
@ @
SCACHETTL
@
proxytemplate
(
mail
=)
0
@
CACHETTL
@ @
NCACHETTL
@ @
SCACHETTL
@
pcache
@
BACKEND
@
100
2
@
ENTRY_LIMIT
@ @
CCPERIOD
@
pcacheattrset
0
sn
cn
title
uid
pcacheattrset
1
mail
postaladdress
telephonenumber
cn
uid
pcachetemplate
(|(
cn
=)(
sn
=))
0
@
TTL
@ @
NTTL
@ @
STTL
@
pcachetemplate
(
sn
=)
0
@
TTL
@ @
NTTL
@ @
STTL
@
pcachetemplate
(
uid
=)
1
@
TTL
@ @
NTTL
@ @
STTL
@
pcachetemplate
(
mail
=)
0
@
TTL
@ @
NTTL
@ @
STTL
@
pcachetemplate
(&(
objectclass
=)(
uid
=))
1
@
TTL
@ @
NTTL
@ @
STTL
@ @
TTR
@
pcachebind
(&(
objectclass
=
person
)(
uid
=))
1
@
BTTR
@
sub
"ou=Alumni Association,ou=people,dc=example,dc=com"
#bdb#cachesize 20
#hdb#cachesize 20
...
...
tests/scripts/conf.sh
View file @
60f78865
...
...
@@ -71,10 +71,6 @@ sed -e "s/@BACKEND@/${BACKEND}/" \
-e
"s;@PORT5@;
${
PORT5
}
;"
\
-e
"s;@PORT6@;
${
PORT6
}
;"
\
-e
"s/@SASL_MECH@/
${
SASL_MECH
}
/"
\
-e
"s/@CACHETTL@/
${
CACHETTL
}
/"
\
-e
"s/@NCACHETTL@/
${
NCACHETTL
}
/"
\
-e
"s/@SCACHETTL@/
${
SCACHETTL
}
/"
\
-e
"s/@ENTRY_LIMIT@/
${
CACHE_ENTRY_LIMIT
}
/"
\
-e
"s;@TESTDIR@;
${
TESTDIR
}
;"
\
-e
"s;@DATADIR@;
${
DATADIR
}
;"
\
-e
"s;@SCHEMADIR@;
${
SCHEMADIR
}
;"
tests/scripts/test020-proxycache
View file @
60f78865
...
...
@@ -13,10 +13,13 @@
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
CACHETTL
=
"1m"
NCACHETTL
=
"1m"
SCACHETTL
=
"1m"
CACHE_ENTRY_LIMIT
=
6
PCACHETTL
=
${
PCACHETTL
-
"1m"
}
PCACHENTTL
=
${
PCACHENTTL
-
"1m"
}
PCACHESTTL
=
${
PCACHESTTL
-
"1m"
}
PCACHE_ENTRY_LIMIT
=
${
PCACHE_ENTRY_LIMIT
-
"6"
}
PCACHE_CCPERIOD
=
${
PCACHE_CCPERIOD
-
"2"
}
PCACHETTR
=
${
PCACHETTR
-
"2"
}
PCACHEBTTR
=
${
PCACHEBTTR
-
"5"
}
.
$SRCDIR
/scripts/defines.sh
...
...
@@ -82,7 +85,16 @@ if test $RC != 0 ; then
fi
echo
"Starting proxy cache on TCP/IP port
$PORT2
..."
.
$CONFFILTER
<
$PROXYCACHECONF
>
$CONF2
.
$CONFFILTER
<
$PROXYCACHECONF
|
sed
\
-e
"s/@TTL@/
${
PCACHETTL
}
/"
\
-e
"s/@NTTL@/
${
PCACHENTTL
}
/"
\
-e
"s/@STTL@/
${
PCACHENTTL
}
/"
\
-e
"s/@TTR@/
${
PCACHETTR
}
/"
\
-e
"s/@ENTRY_LIMIT@/
${
PCACHE_ENTRY_LIMIT
}
/"
\
-e
"s/@CCPERIOD@/
${
PCACHE_CCPERIOD
}
/"
\
-e
"s/@BTTR@/
${
PCACHEBTTR
}
/"
\
>
$CONF2
$SLAPD
-f
$CONF2
-h
$URI2
-d
$LVL
-d
pcache
>
$LOG2
2>&1 &
CACHEPID
=
$!
if
test
$WAIT
!=
0
;
then
...
...
@@ -226,11 +238,11 @@ CNT=`expr $CNT + 1`
FILTER
=
"(mail=*example.com)"
ATTRS
=
"cn sn title uid"
USERDN
=
"cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
PASSWD
=
"bjorn"
U
PASSWD
=
"bjorn"
echo
"Query
$CNT
: filter:
$FILTER
attrs:
$ATTRS
"
echo
"# Query
$CNT
: filter:
$FILTER
attrs:
$ATTRS
"
>>
$SEARCHOUT
$LDAPSEARCH
-S
""
-b
"
$BASEDN
"
-h
$LOCALHOST
-p
$PORT2
\
-D
"
$USERDN
"
-w
"
$PASSWD
"
\
-D
"
$USERDN
"
-w
"
$
U
PASSWD
"
\
"
$FILTER
"
$ATTRS
>>
$SEARCHOUT
2>>
$TESTOUT
RC
=
$?
case
$RC
in
...
...
@@ -253,11 +265,11 @@ CNT=`expr $CNT + 1`
FILTER
=
"(uid=b*)"
ATTRS
=
"mail"
USERDN
=
"cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
PASSWD
=
"bjorn"
U
PASSWD
=
"bjorn"
echo
"Query
$CNT
: filter:
$FILTER
attrs:
$ATTRS
"
echo
"# Query
$CNT
: filter:
$FILTER
attrs:
$ATTRS
"
>>
$SEARCHOUT
$LDAPSEARCH
-S
""
-b
"
$BASEDN
"
-h
$LOCALHOST
-p
$PORT2
\
-D
"
$USERDN
"
-w
"
$PASSWD
"
\
-D
"
$USERDN
"
-w
"
$
U
PASSWD
"
\
"
$FILTER
"
$ATTRS
>>
$SEARCHOUT
2>>
$TESTOUT
RC
=
$?
case
$RC
in
...
...
@@ -362,11 +374,11 @@ CNT=`expr $CNT + 1`
FILTER
=
"(mail=*example.com)"
ATTRS
=
"cn sn title uid"
USERDN
=
"cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
PASSWD
=
"bjorn"
U
PASSWD
=
"bjorn"
echo
"Query
$CNT
: filter:
$FILTER
attrs:
$ATTRS
"
echo
"# Query
$CNT
: filter:
$FILTER
attrs:
$ATTRS
"
>>
$SEARCHOUT
$LDAPSEARCH
-S
""
-b
"
$BASEDN
"
-h
$LOCALHOST
-p
$PORT2
\
-D
"
$USERDN
"
-w
"
$PASSWD
"
\
-D
"
$USERDN
"
-w
"
$
U
PASSWD
"
\
"
$FILTER
"
$ATTRS
>>
$SEARCHOUT
2>>
$TESTOUT
RC
=
$?
case
$RC
in
...
...
@@ -389,11 +401,11 @@ CNT=`expr $CNT + 1`
FILTER
=
"(uid=b*)"
ATTRS
=
"mail"
USERDN
=
"cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
PASSWD
=
"bjorn"
U
PASSWD
=
"bjorn"
echo
"Query
$CNT
: filter:
$FILTER
attrs:
$ATTRS
"
echo
"# Query
$CNT
: filter:
$FILTER
attrs:
$ATTRS
"
>>
$SEARCHOUT
$LDAPSEARCH
-S
""
-b
"
$BASEDN
"
-h
$LOCALHOST
-p
$PORT2
\
-D
"
$USERDN
"
-w
"
$PASSWD
"
\
-D
"
$USERDN
"
-w
"
$
U
PASSWD
"
\